@Seraphimblade: Did @Plenz explicitly agree to work on this? Asking as you set them as assignee.

I can imagine that this is expected behavior. Tools hosted on Toolforge are supposed to serve and support Wikimedia projects, not random websites?

Though if this does not work on/from Wikimedia Commons that sounds like a bug indeed.

@Aklapper: Plenz is listed as the tool maintainer, so he seemed like the right one. I presume that can be changed if need be?

It's not only that it doesn't work from Commons. It also would not work if, for example, I were planning a trip with other Wikimedia users to photograph NRHP locations, and emailed them the link. When they clicked on it from the email, it would fail and give them that error due to the referrer. Same if I bookmarked it for later reference since then the referrer is null. So it is broken on Commons (and any other non-Wikipedia Wikimedia project), but it's also broken for many other legitimate potential uses.

Regardless, the error message seems overly aggressive. Someone clicking a bookmark is not doing or attempting to do something malicious or disruptive.

Indeed, IMHO it was not a bug, it was a feature. The reason was an e-mail about a security vulnerability mentioned in T219178 (which I can not read) and I found it a good idea to let my program accept only original links from wikipedia. Well - I did not know that my program is also used from Commons, but nice to hear this :)

OK, I understand that my idea was bad, and today I removed this feature and I hope the program works as expected. Against security risks, my program checks for terms like "fromcharcode" in the URL and displays "Don't disturb Wikipedia" in those cases.

Confirmed working. Thanks to @Plenz for taking a look at it so quickly!

Is this solved?

@Dvorapa: Yes, this was fixed some time ago.

So we can close the issue?

Yes, the fix has already been deployed and confirmed to work.